[Issue-3814] use snakeyaml 1.30

[pjfanning]

due to a CVE

Make sure set the target branch to develop

What is the purpose of the change

upgrade snakeyaml to a secure version

Brief changelog

upgrade pom

Verifying this change

CI build

Follow this checklist to help us incorporate your contribution quickly and easily. Notice, it would be helpful if you could finish the following 5 checklist(the last one is not necessary)before request the community to review your PR.

• Make sure there is a Github issue filed for the change (usually before you start working on it). Trivial changes like typos do not require a Github issue. Your pull request should address just this issue, without pulling in other changes - one PR resolves one issue.
• Format the pull request title like [ISSUE #123] Fix UnknownException when host config not exist. Each commit in the pull request should have a meaningful subject line and body.
• Write a pull request description that is detailed enough to understand what the pull request does, how, and why.
• Write necessary unit-test(over 80% coverage) to verify your logic correction, more mock a little better when cross module dependency exist. If the new feature or significant change is committed, please remember to add integration-test in test module.
• Run mvn -B clean apache-rat:check findbugs:findbugs checkstyle:checkstyle to make sure basic checks pass. Run mvn clean install -DskipITs to make sure unit-test pass. Run mvn clean test-compile failsafe:integration-test to make sure integration-test pass.
• If this contribution is large, please file an Apache Individual Contributor License Agreement.

[coveralls]

Coverage decreased (-0.08%) to 51.173% when pulling 5fe1fba on pjfanning:patch-1 into 7496081 on apache:develop.

[codecov-commenter]

Codecov Report

Merging #3815 (5fe1fba) into develop (7496081) will decrease coverage by 0.05%.
The diff coverage is n/a.

@@              Coverage Diff              @@
##             develop    #3815      +/-   ##
=============================================
- Coverage      47.16%   47.11%   -0.06%     
+ Complexity      4887     4876      -11     
=============================================
  Files            636      636              
  Lines          42468    42468              
  Branches        5553     5553              
=============================================
- Hits           20032    20009      -23     
- Misses         19928    19955      +27     
+ Partials        2508     2504       -4     

Impacted Files	Coverage Δ
...lient/impl/consumer/DefaultMQPushConsumerImpl.java	40.17% <0.00%> (-2.29%)	⬇️
...rocketmq/client/impl/factory/MQClientInstance.java	49.31% <0.00%> (-1.98%)	⬇️
...org/apache/rocketmq/common/stats/StatsItemSet.java	41.79% <0.00%> (-1.50%)	⬇️
...mq/client/impl/consumer/RebalanceLitePullImpl.java	48.52% <0.00%> (-1.48%)	⬇️
...ketmq/common/protocol/body/RegisterBrokerBody.java	83.69% <0.00%> (-1.09%)	⬇️
...e/rocketmq/client/impl/consumer/RebalanceImpl.java	43.75% <0.00%> (-0.79%)	⬇️
...nt/impl/consumer/ConsumeMessageOrderlyService.java	49.82% <0.00%> (-0.72%)	⬇️
...ent/impl/consumer/DefaultLitePullConsumerImpl.java	67.99% <0.00%> (-0.52%)	⬇️
...ocketmq/client/consumer/DefaultMQPushConsumer.java	55.94% <0.00%> (-0.50%)	⬇️
...pl/consumer/ConsumeMessageConcurrentlyService.java	48.57% <0.00%> (-0.48%)	⬇️
... and 7 more

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 7496081...5fe1fba. Read the comment docs.

[Kvicii]

LGTM
cc @duhenglucky @dongeforever

[yuz10]

LGTM

[CarterPlus]

LGTM